Mastercard Digital Enablement Service (MDES) is Mastercard’s tokenization platform for digital and card-not-present use cases. Like Visa VTS, MDES issues network tokens bound to a Token Requestor ID and supports lifecycle management when cards expire or are replaced. MDES is the authoritative scheme service; PSP “network token” features are typically MDES or VTS behind a processor-specific integration.
Authorizations with MDES tokens often carry a Universal Cardholder Authentication Field (UCAF) cryptogram and scheme-appropriate ECI values. Issuers use these signals in their authorization scoring. Missing or incorrect cryptograms are a common reason merchants see flat approval rates despite “having network tokens enabled” in a dashboard.
MDES enrollment requires network certification, TRID allocation, and ongoing compliance with Mastercard’s token program rules. Token requestors must handle provisioning states (active, suspended, deleted), respond to issuer decisions, and respect domain controls for where tokens may be used. For platforms with multiple sub-merchants, TRID strategy and reporting lines matter for both compliance and portability.
Veliro provisions MDES tokens under your merchant TRID and returns a unified tok_* reference alongside Visa and Amex credentials where supported. Cryptogram retrieval is a separate, idempotent API call per authorization, matching how issuers expect fresh authentication data for each charge. Keeping MDES outside the PSP path preserves your ability to rotate acquirers without touching the credential layer.